Giving in to ransom demands not a guaranteed solution: study

Photo by Oleksii Khodakivskiy

Cybereason has released research findings from a global ransomware study of nearly 1,300 security professionals that reveals more than half of organisations globally have been the victim of a ransomware attack.

In Singapore, 100 companies were surveyed and 25 percent of businesses that chose to pay a ransom demand suffered a second ransomware attack, often at the hands of the same threat actor group.

The research also divulged that of the organisations who opted to pay a ransom demand to regain access to their encrypted systems, 28 percent reported that some or all of the data was corrupted during the recovery process.

These findings underscore why it does not pay to pay ransomware attackers, and that organisations should focus on early detection and prevention strategies to end ransomware attacks at the earliest stages before critical systems and data are put in jeopardy.

Key Singapore findings include:

  • Loss of Business Revenue: 25 percent of organisations reported significant loss of revenue following a ransomware attack
  • Ransom Demands Increasing: 37 percent of businesses that paid a ransom demand shelled out between USD 140,000 to USD 1.4 million, while 5 percent paid ransoms exceeding USD 1.4 million
  • Brand and Reputation Damage: 40 percent of organisations indicated that their brand and reputation were damaged as a result of a successful attack
  • C-Level Talent Loss: 13 percent of organisations reported losing C-Level talent as a direct result of ransomware attacks
  • Employee Layoffs: 13 percent reported being forced to layoff employees due to financial pressures following a ransomware attack
  • Business Closures: A startling 20 percent of organisations reported that a ransomware attack forced the business to close down operations entirely

Other key findings included in the full report reveal the extent to which losses to the business may be covered by cyber insurance, how prepared organisations are to address ransomware threats to the business with regard to adequate security policies and staffing, and more granular information on the impact of ransomware attacks by region, company size and industry vertical.

In addition, the report provides actionable data on the types of security solutions organisations had in place prior to an attack, as well as which solutions were most often implemented by organisations after they experienced a ransomware attack.

“Ransomware attacks are a major concern for organisations across the globe, often causing massive business disruptions including the loss of income and valuable human resources as a direct result,” said Eric Nagel, General Manager for APAC at Cybereason.

“With the attack on a major insurer’s operations in Asia in May this year, we have seen first-hand the adverse effects of ransomware and how it can disrupt business operations, not just locally, but on a regional level.”

Leslie Wong, Regional Vice President for APAC at Cybereason adds, “The results speak for itself. Singapore businesses must understand that paying a ransom demand does not guarantee a successful recovery, does not prevent the attackers from hitting the victim organisation again, and in the end only exacerbates the problem by encouraging more attacks.

“Getting in front of the threat by adopting a prevention-first strategy for early detection will allow organisations to stop disruptive ransomware before they can hurt the business.”